<?php
session_start();
include '../models/Model.php';
$model=new model();
$userId=$_SESSION['userId'];
$user=$model->searchUserById($userId);
$username = $user->getUserAccName();

$oldpass = $_POST['oldPassword'];
if($oldpass==$user->getUserPassword()){
	//echo "fuck";die;
	$newpass= $_POST['newPassword'];
	$user->setUserPassword($newpass);
	
	$model->updateUser($user);
	
	$date = date("Y-m-d H:i:s");
	$log = $date."---Event---".$username."---ChangePass\n";
	$path="../log/log.txt";
	$file=fopen($path, "a");
	$write=fwrite($file,$log);
	fclose($file);
	session_destroy();
	header('Location:../view/user/login.php');
}
else{
	header('Location:../view/user/change_pass.php?changepass=f');
}
?>